eBay came under pressure on Thursday over a massive hacking of customer data as three states began investigating the e-commerce company’s security practices.

Connecticut, Florida and Illinois said they are jointly investigating the matter. New York Attorney General Eric Schneiderman requested eBay provide free credit monitoring for everyone affected.

Details about what happened are still unclear because eBay has provided few details about the attack. It is also unclear what legal authority states have over eBay’s handling of the matter.

The states’ quick move shows that authorities are serious about holding companies accountable for securing data following high-profile breaches at other companies, including retailers Target, Neiman Marcus and Michaels and credit monitoring bureau Experian.

Congress and the Federal Trade Commission are investigating the Target breach, which resulted in the firing of the company’s chief executive and its chief information officer.

“There is definitely a climate shift,” said Jamie Court, president of the advocacy group Consumer Watchdog. “The departure of the Target CEO over the problem signals inside the board room and in the halls of government that these are betrayals of customers and that they won’t be tolerated.”

The investigation by the states will focus on eBay’s measures for securing data, circumstances that led to the breach and the company’s response, said Jaclyn Falkowski, a spokeswoman for Connecticut Attorney General George Jepsen.